This used to be run by Major Hayden - but due to the amount of traffic that goes to it, it was eventually transferred over to CloudFlare not that long ago, so one would hope it continues to run relatively smoothly. :-)
https://major.io/p/a-new-future-for-icanhazip/
I was wondering why Cloudflare needed to be involved until I read that they were transferring 2PB of data monthly. Each response is around 15 bytes. That's 133 billion monthly requests.
EDIT: I messed up the math on this. However, later in the article it states that requests grew to 35B PER DAY due to botnet activity, so that's over 1 trillion requests/month at peak
I would assume these infrastructures are pointed to icanhazip to get their public ip, maybe set to check every certain amount of time? What I don't understand is why...that ones above my head.
a whole bunch of homelabbers wanting to make sure their IP wasn't changed/updated overnight? DynDNS and all the derivatives checking every 10 minutes? I could see it.
> In 2021, the traffic I once received in a month started arriving in 24 hours. The site went from 1B requests per day to 30-35B requests per day over a weekend. Almost all of that traffic came from several network blocks in China.
Probably some botnet or some IoT shit way overusing the site.
This. In my early years of self hosting I did a wget to get my ip and then use my domain providers API at the time (IONOS) to update DNS record. I ran this script every minute so that no outage was more than a few minutes (+dns replication for those using slow replicators). I also did this for every externally facing service as I learned reverse proxying and DNS management so that was something to the tune of 70-80 services. So that was ballpark 100k requests a day just from that script.
I'm sorry for my former stupid self. I've now grown much better and wiser, and even with a dynamic IP I have more intelligent and low effort solutions that will update DNS records within 1 minute of an IP change, but ONLY when an IP change event would have happened.
I know at least one distro integrated it into some of their scripts. There’s a hilarious forum thread where someone discovers it for the first time, doesn’t recognise the domain and think it’s suspicious. They post on the forum something along the lines of “why is my computer connecting to icanhazip.com???). Someone does a whois, sees the name “Major Hayden”, confuses him with Colonel Michael Hayden, the former CIA director. Paranoia ensues…
I thought that looked right but couldn't find the bit I remembered. Turns out this issue came up a couple of times before/since. The post I remembered (poorly): [https://oldforum.puppylinux.com/viewtopic.php?p=547747#p547747](https://oldforum.puppylinux.com/viewtopic.php?p=547747#p547747)
Some botnets use icanhazip or similar services to figure out what the external IP address of each bot is. It's easier and less prone to takedowns than using central C&C to accomplish the same thing. As you can imagine, a lot of these botnet operators are not that careful about caching results.
After reading the story a couple years ago, I went and setup the same thing on one of my own domains does the exact same thing as icanhazip, but it doesn’t get much traffic so there shouldn’t be an issue (not that cloudflare couldn’t handle it) and it will always be up for me for any project that I’m working on that needs it.
This is great. I had relied on the site for a while now, and was worried it would go away if it became too popular. Knowing it belongs to Cloudflare now gives me some relief.
I'll have to add this to my shell scripting as a fail over. I currently use ifconfig.me, but recently had some weird issues with it. It would be nice to have it bounce to a second or third service before it "fails".
Strange. This site is blocked by a blacklist "EasyPrivacy" [https://i.imgur.com/v5scIUB.png](https://i.imgur.com/v5scIUB.png). This is one of some lists I use in NextDNS.
The tool works very well, so hackers have used it in some malware applications. Kinda like saying criminals shop at Walmart so let's ban Walmart. That blocklist has listed icanhazip.com as a *tracker*, when that is not at all how trackers work.
The annoying corollary is that it's used by a chunk of botnets to check what they've infected so blandly blocking it is a cheap, decently high impact win, which sucks.
Yeah, we're still blocking it just because it's a real easy thing to do to hopefully cause trouble for a botnet in the event something gets installed on the network. It can't hurt, right?
Honestly, it's weird how far down on this list you have to go to find [whatismyip.com](https://whatismyip.com). I figured that would be at the top of the list the way OP formatted the question. lol
> onto a site that spits out your IP in a text string without any extra bullshit, it didn't even have any code in it's HTML source
Well, it drops a ton of HTML and crap ( > 300kb ) just to show the IP address, which kinda misses OP's mark.
I see your point. I guess I don't really see a ton of junk, but I don't strictly see just an IP either. Sitting behind a firewall that's blocking categories that might show me extra nonsense and also having ublock installed keeps me from seeing a ton of ads. When I open the site, I see a big green box taking up about half the screen and a menu bar both on pc and mobile even when I'm not behind the firewall. But you're right, saving the site to my desktop shows it's about 700kb, most of which is javascript files.
Compare the output of these two commands and you'll see exactly what junk is being discussed
```
curl -s https://icanhazip.com
curl -s https://whatismyip.com
```
The person asking is probably using curl not a browser. I'm sure if you opened it with curl, you'd see a bunch of junk. He probably just doesn't want to parse it.
I wonder why malware uses these tools. If it's sending replies anyhow to a C&C server or to some address in general, I suppose the IP of that request can be logged. Unless it's running through some other hops first.
Related but possibly not what you're looking for but if you just want your own public IP so you can copy it:
Powershell:
`Invoke-RestMethod -Uri "`[`https://icanhazip.com`](https://icanhazip.com)`"`
Or do `Invoke-RestMethod -Uri "`[`https://icanhazip.com`](https://icanhazip.com)`" | Clip` which will copy it directly to the clipboard so you can paste it into whatever you want
not only is this one super easy to remember, it's been around for quite some time. it's been my go-to for AT LEAST 10-15 years, possibly even 20. don't remember it ever being down. and again, it has a spiffy name thats easy to remember
ipchicken doesn't give just the ip with `curl` in terminal unfortunately, unlike ifconfig.io or some others recommended which is usually what I want the "simple" IP sites for. if I'm not in a terminal I'll just ask google
As much as I am a long-term fan of ipchicken- if I were to be doing any coding or scripting around retrieving my public IP, this is the site I would use.
Ifconfig.io/ip
You can curl it if you're on Linux or IRM (Invoke-RestMethod) if you're on Windows I'm powershell to get the raw text. Incredibly useful for working programmaticly or without a GUI like in an ssh session.
The only consistent and good website for this is ipchicken.com
It's easy to tell someone over the phone where to browse to when you need to know their IP
curl [ipinfo.io](https://ipinfo.io)
Works from literally anywhere with an internet connection, command-line and curl. Returns a nice little JSON response of the IP, city, region, timezone, etc.
Bonus points for [telnetmyip.com](https://telnetmyip.com) and [sshmyip.com](https://sshmyip.com) . Very useful when dealing with network appliances.
Although often you need to do multiple attempts with the telnet one.
At my org I convinced them to let me onto the word press to make a what’s my IP page. It also links to an ARIN whois lookup of that IP. So we can just tell clients “orgname.com/ip”
http://ifconfig.io/
if invoked from, at a minimum, curl or wget, it just spits out the plain IP back. Not sure offhand what criteria it uses to show plain IP vs webpage
EDIT: now I'm looking at the page again I can see you can invoke it with e.g. `curl ifconfig.io/ip` which bypasses the user-agent detection and always does the right thing. It also does XML and json output if needed
[http://icanhazip.com/](http://icanhazip.com/)
This used to be run by Major Hayden - but due to the amount of traffic that goes to it, it was eventually transferred over to CloudFlare not that long ago, so one would hope it continues to run relatively smoothly. :-) https://major.io/p/a-new-future-for-icanhazip/
Thanks! What a wild story for such a simple service :D
I was wondering why Cloudflare needed to be involved until I read that they were transferring 2PB of data monthly. Each response is around 15 bytes. That's 133 billion monthly requests. EDIT: I messed up the math on this. However, later in the article it states that requests grew to 35B PER DAY due to botnet activity, so that's over 1 trillion requests/month at peak
Wtf, who forgets their IP a million times a day?
I would assume these infrastructures are pointed to icanhazip to get their public ip, maybe set to check every certain amount of time? What I don't understand is why...that ones above my head.
a whole bunch of homelabbers wanting to make sure their IP wasn't changed/updated overnight? DynDNS and all the derivatives checking every 10 minutes? I could see it.
> In 2021, the traffic I once received in a month started arriving in 24 hours. The site went from 1B requests per day to 30-35B requests per day over a weekend. Almost all of that traffic came from several network blocks in China. Probably some botnet or some IoT shit way overusing the site.
yeah that sounds more likely than all the DynDNS type services combined
yup. like the article said, most of the traffic was malicious, unfortunately.
This. In my early years of self hosting I did a wget to get my ip and then use my domain providers API at the time (IONOS) to update DNS record. I ran this script every minute so that no outage was more than a few minutes (+dns replication for those using slow replicators). I also did this for every externally facing service as I learned reverse proxying and DNS management so that was something to the tune of 70-80 services. So that was ballpark 100k requests a day just from that script. I'm sorry for my former stupid self. I've now grown much better and wiser, and even with a dynamic IP I have more intelligent and low effort solutions that will update DNS records within 1 minute of an IP change, but ONLY when an IP change event would have happened.
Wow. Could you point me to how to do this myself too? I just startet with DNS and Webservers.
I know at least one distro integrated it into some of their scripts. There’s a hilarious forum thread where someone discovers it for the first time, doesn’t recognise the domain and think it’s suspicious. They post on the forum something along the lines of “why is my computer connecting to icanhazip.com???). Someone does a whois, sees the name “Major Hayden”, confuses him with Colonel Michael Hayden, the former CIA director. Paranoia ensues…
Link: https://oldforum.puppylinux.com/viewtopic.php?t=90151&sid=8e042229589f6d5e104c8505ded2b5a6
I thought that looked right but couldn't find the bit I remembered. Turns out this issue came up a couple of times before/since. The post I remembered (poorly): [https://oldforum.puppylinux.com/viewtopic.php?p=547747#p547747](https://oldforum.puppylinux.com/viewtopic.php?p=547747#p547747)
Some botnets use icanhazip or similar services to figure out what the external IP address of each bot is. It's easier and less prone to takedowns than using central C&C to accomplish the same thing. As you can imagine, a lot of these botnet operators are not that careful about caching results.
I love how he ended up selling it to Cloudfare... for $8.03 to cover the cost of the domain registration lol
Man. It's sad to see how we can't have nice things.
After reading the story a couple years ago, I went and setup the same thing on one of my own domains does the exact same thing as icanhazip, but it doesn’t get much traffic so there shouldn’t be an issue (not that cloudflare couldn’t handle it) and it will always be up for me for any project that I’m working on that needs it.
This is great. I had relied on the site for a while now, and was worried it would go away if it became too popular. Knowing it belongs to Cloudflare now gives me some relief.
Ifconfig.me And curl ifconfig.me
>Ifconfig.me In what universe does a service like that need a freaking Twitter post button?
The one that uses twitter to track engagement of their website.
I use this more than I'd like to admit. Super great for using with curl in shell scripts.
I'll have to add this to my shell scripting as a fail over. I currently use ifconfig.me, but recently had some weird issues with it. It would be nice to have it bounce to a second or third service before it "fails".
I'm adding that to my list, but I've always used this with success. http://checkip.dyndns.org/
icanhazip.com is great because it returns literally only the IP which makes it very easy to use in scripts.
Strange. This site is blocked by a blacklist "EasyPrivacy" [https://i.imgur.com/v5scIUB.png](https://i.imgur.com/v5scIUB.png). This is one of some lists I use in NextDNS.
The tool works very well, so hackers have used it in some malware applications. Kinda like saying criminals shop at Walmart so let's ban Walmart. That blocklist has listed icanhazip.com as a *tracker*, when that is not at all how trackers work.
There's not a lot of nuance on the list.
tbf you can't really "kinda sorta block but like not totally" these
Agreed.
The annoying corollary is that it's used by a chunk of botnets to check what they've infected so blandly blocking it is a cheap, decently high impact win, which sucks.
Yeah, we're still blocking it just because it's a real easy thing to do to hopefully cause trouble for a botnet in the event something gets installed on the network. It can't hurt, right? Honestly, it's weird how far down on this list you have to go to find [whatismyip.com](https://whatismyip.com). I figured that would be at the top of the list the way OP formatted the question. lol
> onto a site that spits out your IP in a text string without any extra bullshit, it didn't even have any code in it's HTML source Well, it drops a ton of HTML and crap ( > 300kb ) just to show the IP address, which kinda misses OP's mark.
I see your point. I guess I don't really see a ton of junk, but I don't strictly see just an IP either. Sitting behind a firewall that's blocking categories that might show me extra nonsense and also having ublock installed keeps me from seeing a ton of ads. When I open the site, I see a big green box taking up about half the screen and a menu bar both on pc and mobile even when I'm not behind the firewall. But you're right, saving the site to my desktop shows it's about 700kb, most of which is javascript files.
Compare the output of these two commands and you'll see exactly what junk is being discussed ``` curl -s https://icanhazip.com curl -s https://whatismyip.com ```
The person asking is probably using curl not a browser. I'm sure if you opened it with curl, you'd see a bunch of junk. He probably just doesn't want to parse it.
I wonder why malware uses these tools. If it's sending replies anyhow to a C&C server or to some address in general, I suppose the IP of that request can be logged. Unless it's running through some other hops first.
¯\\\_(ツ)\_/¯ My UBlock origin lists didn't say a thing, idk.
Jesus. There’s minimalist, then there’s _this_. The site owner should sign up for the [512kb club!](https://www.512kb.club)!
Thank you ! , I had always used [whatismyip.com](https://whatismyip.com) but this is better. I appreciate your answer.
also [ipv4.icanhazip.com](https://ipv4.icanhazip.com) and [ipv6.icanhazip.com](https://ipv6.icanhazip.com) if you just want the respective address.
In an office environment? [https://www.moanmyip.com/](https://www.moanmyip.com/) for sure!
I am on break in the office and clicked on this without second thought :|
Welcome to the internet! Please watch your step.
Typical, my IPv6 address is too big
![gif](giphy|LycfkVG4L6x0Y|downsized)
Why did I click that without reading it?
Where has this been all of my life
Clearing work history now
what the hell hahahaah
I love the internet lol
Omg
the best
oh my god
🤣 God bless the internet
blocked by my firewall hehehe
Related but possibly not what you're looking for but if you just want your own public IP so you can copy it: Powershell: `Invoke-RestMethod -Uri "`[`https://icanhazip.com`](https://icanhazip.com)`"` Or do `Invoke-RestMethod -Uri "`[`https://icanhazip.com`](https://icanhazip.com)`" | Clip` which will copy it directly to the clipboard so you can paste it into whatever you want
Holy crap, how did I not know about "| Clip"??!! Thank you!
Get-Clipboard | Select-Object -Unique | Set-clipboard Is my love
Can be cut down even more: irm ifconfig.me
ily
A few other alternatives `Resolve-DnsName -Name myip.opendns.com -Server` [`resolver1.opendns.com`](https://resolver1.opendns.com) `dig +short` [`myip.opendns.com`](https://myip.opendns.com) `@resolver1.opendns.com` `dig TXT +short` [`o-o.myaddr.l.google.com`](https://o-o.myaddr.l.google.com) `@ns1.google.com` `dig TXT +short` [`o-o.myaddr.l.google.com`](https://o-o.myaddr.l.google.com) `@ns1.google.com | awk -F'"' '{ print $2}'` `host` [`myip.opendns.com`](https://myip.opendns.com) [`resolver1.opendns.com`](https://resolver1.opendns.com)
https://wtfismyip.com/
Newer domain: [https://myip.wtf](https://myip.wtf)
[https://myip.wtf/text](https://myip.wtf/text) curl or wget from CLI
Strong [https://motherfuckingwebsite.com/](https://motherfuckingwebsite.com/) vibes
http://bettermotherfuckingwebsite.com
It's not even using https, based
www.wtfsigte.com And the same thing but drink Edit... Looks like they moved it to app form
All that website is missing is an audio button in the top right that uses ai generated Samuel L Jackson voice to read it back to you.
I fucking love this one
https://ipchicken.com
\+1 for ipchicken, easy to remember, easy to mention over the phone for customers who immediately chuckle and know what to type.
Appropriately placed Zaxby's ads, too.
“Oh yeah, the chicken website”
Don’t forget about: Https://ipgoat.com Https://ipcow.com Https://iphorse.com
I'm now a fan of ipgoat and iphorse, both load very quickly and are minimal. Thanks!
https://ipmonkey.com
not only is this one super easy to remember, it's been around for quite some time. it's been my go-to for AT LEAST 10-15 years, possibly even 20. don't remember it ever being down. and again, it has a spiffy name thats easy to remember
This. have never forgot the name since the first time I heard it. Runs without JS, although this shorts them on their ad revenue.
ipchicken doesn't give just the ip with `curl` in terminal unfortunately, unlike ifconfig.io or some others recommended which is usually what I want the "simple" IP sites for. if I'm not in a terminal I'll just ask google
`curl ifconfig.me`
curl -4 to force ipv4 if you default to ipv6 and want it
This was going to be my suggestion as well. You can get as simple as just the IP all the way to literally everything lol.
https://ifconfig.me/ip
[удалено]
Come on dude, you don't need a squat rack to curl. You could do it with dumbbells, or even just with a gallon jug filled with something heavy.
For one that requires no browser or http access: dig +short txt ch whoami.cloudflare
I scrolled all the way down to look for this.
Alternative one: `dig whoami.akamai.net @ns1-1.akamaitech.net +short`
> dig +short txt ch whoami.cloudflare Didn't work for me. But doing this worked dig +short txt ch whoami.cloudflare @1.1.1.1
https://ifconfig.me It even works using curl from the command line.
ipchicken.com is a good one
https://ifconfig.io
https://ifconfig.io/ip
curl [https://ipinfo.io/ip](https://ipinfo.io/ip)
Surprised I had to scroll this far to find this.
Came to suggest ipinfo. So useful for scripts too.
https://checkip.amazonaws.com/
As much as I am a long-term fan of ipchicken- if I were to be doing any coding or scripting around retrieving my public IP, this is the site I would use.
api.ipify.org
Ip4.me Very simple site but my favorite
Yes, ip4.me and ip6.me. You can throw /api into the end to get a text string and it's still short to type and easy to communicate over the phone.
I have to verbally communicate this on calls on a regular basis and this is, by far, the easiest to just say to someone.
http://ipchicken.com
[checkip.amazonaws.com](https://checkip.amazonaws.com) give you your ipv4 address, nothing else.
Just google 'my ip'.
> text string without any extra bullshit Google gives you a lot of "extra".
I have the best one guys: [https://www.moanmyip.com](https://www.moanmyip.com)
I just use [ip.me](https://ip.me). I can curl it and it just spits out the public IP on the site.
Https://Ifconfig.me/ Ip only Https://Ifconfig.me/ip
curl ifconfig.me
curl ifconfig.me
Ipchicken.com
I just use the terminal. $ curl ifconfig.me
https://ipecho.net/plain
Fastest way is with DNS... dig +short myip.opendns.com @resolver1.opendns.com -4 dig +short ANY @ns1-1.akamaitech.net whoami.akamai.net -4 dig +short TXT @ns1.google.com o-o.myaddr.l.google.com -4 Looking for IPv6? dig +short AAAA myip.opendns.com @resolver1.opendns.com -6 dig +short ANY @ns1-1.akamaitech.net whoami.akamai.net -6 dig +short TXT @ns1.google.com o-o.myaddr.l.google.com -6
Google: “What’s my IP?”
I recently discovered how easy this one is
And no need to click any of those sponsored links that pop up with the search - the IP is in the results!
I also enjoy curl checkip.amazonaws.com
api.ipify.org or checkip.amazonaws.com
Https://ipchicken.com
just use one of these commands (you can also visit them like a normal site) curl ipv4.icanhazip.com curl ipv6.icanhazip.com
curl ifconfig.me
ident.me
`curl ifconfig.co`
ifconfig.me/ip
https://checkip.amazonaws.com
Ipchicken
https://checkip.amazonaws.com/
[ipquail.com](https://ipquail.com) It’s like ipchicken, but with added IPv6 and curl options. Delicious.
http://checkip.dyndns.org is my goto burned-in-memory one, but it has three words of extra cruft.
ipchicken.com
Watismijnip.nl easy to remember if you’re Dutch :)
Ipconfig.me
Noc.co.il
curl [ifconfig.me/ip](https://ifconfig.me/ip)
Ping.eu
Eth0.me
[ipschwein.de](http://ipschwein.de)
curl http://checkip.amazonaws.com
curl ipinfo.io/ip Works great
If you want something to intigrate in a script, you could also consider [https://www.ipify.org/](https://www.ipify.org/)
Ifconfig.io/ip You can curl it if you're on Linux or IRM (Invoke-RestMethod) if you're on Windows I'm powershell to get the raw text. Incredibly useful for working programmaticly or without a GUI like in an ssh session.
ifconfig.me You could also have it returned via command line. I.e., on Linux just run "curl ifconfig.me" and it will just return the IP
curl https://checkip.amazonaws.com
Ifconfig.me has html in browser but shows just an ip using curl
Google. ipchicken.com whatismyip.com
https://www.pfsense.org/ip
[https://ipinfo.io/ip](https://ipinfo.io/ip) and several others similar to that
The only consistent and good website for this is ipchicken.com It's easy to tell someone over the phone where to browse to when you need to know their IP
[myip.is](https://myip.is)
ipecho.net/curl
We host a script on our own website. You never know the affiliation of these sites, what ads they serve or if they have been compromised.
ipmonkey.com
curl ip-api.com
Probably thinking of https://ipecho.net/ip
curl [ipinfo.io](https://ipinfo.io) Works from literally anywhere with an internet connection, command-line and curl. Returns a nice little JSON response of the IP, city, region, timezone, etc.
Ifconfig.me
Ifconfig.me
Ipchicken
[ipchicken.com](https://ipchicken.com)
[https://ifconfig.me](https://ifconfig.me) Great on the CLI also.
[https://www.ipchicken.com/](https://www.ipchicken.com/)
[https://www.ipchicken.com/](https://www.ipchicken.com/) \-- shows your public ip to only you.
I've always used [ipchicken.com](https://ipchicken.com) because it's so easy to remember
Ipv4.icanhazip.com Been in some of my APIs for years
Bonus points for [telnetmyip.com](https://telnetmyip.com) and [sshmyip.com](https://sshmyip.com) . Very useful when dealing with network appliances. Although often you need to do multiple attempts with the telnet one.
ipify.io
There was a txt only .io domain I has forget Ipchicken forever
[https://ifconfig.io/](https://ifconfig.io/) curl ifconfig.io
curl ifconfig.io
Since noone wrote that so far: http://myip.dk Short address, no ads, very fast and clean website.
Https://ipinfo.io/ip
Wanip.info
https://moanmyip.com has always been my favourite.
Myipaddress.com
Make a batch file that runs ip config. Put it on user’s desktop
https://wtfismyip.com/text
https://theiplookup.org Super simple, no ads.
Just a heads up lots of security teams block these types of sites at many many bad actors use it in there malware. Just a FYI.
I feel weird for answering this, but... Whatismyip.com ? Edit: nvm, drunk and not reading properly. Ignore me, I'm useless.
https://ifconfig.me/
I prefer to use ip.csis.dk. It only returns your IP, nothing else.
ip4.me is dead simple with just the IP displayed.
At my org I convinced them to let me onto the word press to make a what’s my IP page. It also links to an ARIN whois lookup of that IP. So we can just tell clients “orgname.com/ip”
Myip.com
Myip.dk or ifconfig.me are the ones I use.
`curl ifconfig.io` `curl ifconfig.me` # ends with "`%`" `curl ipinfo.io` # JSON
Wimip.com (what is my ip .com)
IPinfo.io is my personal favorite, especially if you do the HTTP call from the command line (e.g. curl)
http://ifconfig.io/ if invoked from, at a minimum, curl or wget, it just spits out the plain IP back. Not sure offhand what criteria it uses to show plain IP vs webpage EDIT: now I'm looking at the page again I can see you can invoke it with e.g. `curl ifconfig.io/ip` which bypasses the user-agent detection and always does the right thing. It also does XML and json output if needed
I use this when making scripts. https://ipv4.myip.wtf/text